torrust_index_backend/web/api/v1/contexts/user/
routes.rs

1//! API routes for the [`user`](crate::web::api::v1::contexts::user) API context.
2//!
3//! Refer to the [API endpoint documentation](crate::web::api::v1::contexts::user).
4use std::sync::Arc;
5
6use axum::routing::{delete, get, post};
7use axum::Router;
8
9use super::handlers::{
10    ban_handler, email_verification_handler, login_handler, registration_handler, renew_token_handler, verify_token_handler,
11};
12use crate::common::AppData;
13
14/// Routes for the [`user`](crate::web::api::v1::contexts::user) API context.
15pub fn router(app_data: Arc<AppData>) -> Router {
16    Router::new()
17        // Registration
18        .route("/register", post(registration_handler).with_state(app_data.clone()))
19        // code-review: should this be part of the REST API?
20        // - This endpoint should only verify the email.
21        // - There should be an independent service (web app) serving the email verification page.
22        //   The wep app can user this endpoint to verify the email and render the page accordingly.
23        .route(
24            "/email/verify/:token",
25            get(email_verification_handler).with_state(app_data.clone()),
26        )
27        // Authentication
28        .route("/login", post(login_handler).with_state(app_data.clone()))
29        .route("/token/verify", post(verify_token_handler).with_state(app_data.clone()))
30        .route("/token/renew", post(renew_token_handler).with_state(app_data.clone()))
31        // User ban
32        // code-review: should not this be a POST method? We add the user to the blacklist. We do not delete the user.
33        .route("/ban/:user", delete(ban_handler).with_state(app_data))
34}
torrust_index_backend/web/api/v1/contexts/user/routes.rs

torrust_index_backend/web/api/v1/contexts/user/
routes.rs
